The file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.twcert.org.tw/tw/cp-132-5170-83472-1.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2021-10-08T15:15:36.568963Z
Updated: 2024-09-17T03:33:55.956Z
Reserved: 2021-09-22T00:00:00
Link: CVE-2021-41566
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-10-08T16:15:07.947
Modified: 2024-11-21T06:26:26.480
Link: CVE-2021-41566
Redhat
No data.